相關新聞 | HKCERT

New Mockingjay process injection technique evades EDR detection

Researchers at cybersecurity firm Security Joes discovered the method, which utilizes legitimate DLLs with RWX (read, write, execute) sections for evading EDR hooks and injecting code into remote processes.

Cyware News 2023年06月27日 202 觀看次數

Trojanized Super Mario game used to install Windows malware

A trojanized installer for the popular Super Mario 3: Mario Forever game for Windows has been infecting unsuspecting players with multiple malware infections.

Bleeping Computer 2023年06月27日 268 觀看次數

Microsoft 365 users report Outlook, Teams won't start or freezes

Network and IT admins have been dealing with ongoing Microsoft 365 issues this week, reporting that some end users cannot use Microsoft Outlook or other Microsoft 365 apps. [...]

Bleepingcomputer 2023年06月23日 228 觀看次數

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild. [...]

thehackernews 2023年06月23日 232 觀看次數

New Condi malware builds DDoS botnet out of TP-Link AX21 routers

A new DDoS-as-a-Service botnet called "Condi" emerged in May 2023, exploiting a vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to build an army of bots to conduct attacks. [...]

Bleepingcomputer 2023年06月21日 334 觀看次數

Purely AI-generated songs declared ineligible for Grammy Awards

"A work that contains no human authorship is not eligible in any categories."

Ars Technica 2023年06月21日 309 觀看次數

VMware warns of critical vRealize flaw exploited in attacks

VMware updated a security advisory published two weeks ago to warn customers that a now-patched critical vulnerability allowing remote code execution is being actively exploited in attacks. [...]

Bleepingcomputer 2023年06月21日 399 觀看次數

Android spyware camouflaged as VPN, chat apps on Google Play

Three Android apps on Google Play were used by state-sponsored threat actors to collect intelligence from targeted devices, such as location data and contact lists.

Bleeping Computer 2023年06月20日 185 觀看次數

ASUS urges customers to patch critical router vulnerabilities

ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately update their devices or restrict WAN access until they're secured.

Bleeping Computer 2023年06月20日 222 觀看次數

Reddit hackers threaten to leak data stolen in February breach

The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. [...]

Bleepingcomputer 2023年06月19日 194 觀看次數